Forum: Ruby Creating p7s/pkcs7 files with Ruby

Bc0cec6d1c66027984b63fd8d6567bfc?d=identicon&s=25 Yves Vogl (Guest)
on 2009-01-24 15:15
(Received via mailing list)
Hi,

after fiddling around a lot these days I'm giving up and asking you
due to the lack of documentation of Ruby OpenSSL and too less
knowledge to figure it out on my own.

I want to sign an arbitrary document with a private key / certificate
pair to get either a detached signature (p7s file) or a self
containing one (pkcs7 file).
Let me illustrate my steps and problems by showing what I tried:

1. For testing purposes I created a private key and a certificate with
OpenSSL

  openssl genrsa -out app_key.pem 1024
  openssl req -new -key app_key.pem -x509 -days 365 -out app_cert.pem

2. In Ruby I load those files and the document I want to sign

  private_key = File.read('app_key.pem')
  certificate = File.read('app_cert.pem')
  data        = File.read('test.pdf')


3. I use those files with Ruby OpenSSL classes

  key = OpenSSL::PKey::RSA.new(private_key)
  crt = OpenSSL::X509::Certificate.new(certificate)


4. I create a detached signature:

  signed = OpenSSL::PKCS7::sign(crt, key, data, [],
OpenSSL::PKCS7::DETACHED)

This actually works and gives me an p7s file. When using
OpenSSL::PKCS7::BINARY it seems to me that I get a pkcs7 file which is
containing the payload of my testfile.

The problem here:

This convenient methods seems to use a SHA-1 hash for signing the
document – but I need to utilize at least SHA-256 or better SHA-512 as
it is a legal requirement for my application (qualified digital
signatures as defined in SiG of German law).
So I tried another way which was outlined on the web at
https://www.koders.com/ruby/fid1543851B1354DA253F0...

Continuing by step 3.) I did the following:

  p7 = OpenSSL::PKCS7::PKCS7.new(OpenSSL::PKCS7::SIGNED)
Problem: OpenSSL::PKCS7::SIGNED is undefined… and I don't know what to
specify here, else.

  signer = OpenSSL::PKCS7::Signer.new(crt, key, Digest::SHA1.new)

Here it seems to me that I can modify the digest algorithmus – but
using Digest::SHA256.new or Digest::SHA512.new fails.
Weird is, that I in irb the following works:
  require 'digest/sha2'
  Digest::SHA512.hexdigest('test')
  =>
"ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
"

Anyway… going in with SHA1.
  p7.add_signer(signer, key)
This command complained that the 2nd parameter is too much. So I
stripped this and get the error that signer is the wrong type.
signer actually is from kind of SignerInfo.

Next step would be:

  p7.add_certificate(cert)

…which makes no problem.
But the next methods throws an error because of the second parameter.
The 2nd parameter should have been to specify wether the signatur
should be detached or containing the payload (compare
OpenSSL::PKCS7::DETACHED, OpenSSL::PKCS7::BINARY above)

  p7.add_data(data, true)

In the end I would have been able to put out the signature either in
PEM or DER format:
  p7.to_pem
  p7.to_der

So here's my question:

How can I sign a PDF document to get a detached signature in p7s
format which was created by the usage of a private key, a certificate
and SHA512 for hashing?


Just for your interest… I'm currently working on an open source
project (http://github.com/yves-vogl/kimei) which should allow signing
documents which a private key / certificate as a webservice.
To make it compliant with european law, especially when signing
documents like invoices, it need to have the format mentioned above
and to utilize a private key / certficate from a smartcard provided by
the government.
To implement the latter feature I talked to Victor Costan who built
"smartcard", a STL for accessing smartcard readers by their PCSC
interface. If you are interested in this or would like to help - just
tell us. This would be really appreciated.

Cheers from Germany,

Yves
Cb6bbc826cd7d9238a2fae344958f7ec?d=identicon&s=25 Sandor Szücs (Guest)
on 2009-01-25 20:15
(Received via mailing list)
Hi Yves,

I am far from an expert, but maybe you just missunderstood a few things
what you have read.
Disclaimer: I just read your E-Mail and tried to guess in irb.

On 24.01.2009, at 15:13, Yves Vogl wrote:

--------------------8<-------------------

>
> to specify here, else.
I think what you want is:
p7 = OpenSSL::PKCS7::PKCS7.new(signed)

The variable signed is the signature in your example and is of type
OpenSSL::PKCS7.


>   signer = OpenSSL::PKCS7::Signer.new(crt, key, Digest::SHA1.new)

The following just works here:
signer = OpenSSL::PKCS7::Signer.new(crt, key,
OpenSSL::Digest::SHA512.new)

Try OpenSSL::Digest::SHA512.new, Digest is not the same as
Openssl::Digest.
irb> Digest.class
=> Module
irb> OpenSSL::Digest.class
=> Class


>   p7.add_signer(signer, key)
> This command complained that the 2nd parameter is too much. So I
> stripped this and get the error that signer is the wrong type.
> signer actually is from kind of SignerInfo.

Maybe I am naive, but p7.add_signer(signer) should be enough,
because signer got the key already.


> Next step would be:
>
>   p7.add_certificate(cert)

You mean p7.add_certificate(crt) or am I missing something?


> …which makes no problem.
> But the next methods throws an error because of the second
> parameter. The 2nd parameter should have been to specify wether the
> signatur should be detached or containing the payload (compare
> OpenSSL::PKCS7::DETACHED, OpenSSL::PKCS7::BINARY above)
>
>   p7.add_data(data, true)

Maybe I am naive, but p7.add_data(data), should be enough, because
signed is detached already.

> How can I sign a PDF document to get a detached signature in p7s
> format which was created by the usage of a private key, a
> certificate and SHA512 for hashing?

I am sure you will get it.

> just tell us. This would be really appreciated.
Nice.

Hope this helps, regards
Sandor
Sz
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (candlerb)
on 2009-01-26 09:46
Yves Vogl wrote:
> This convenient methods seems to use a SHA-1 hash for signing the
> document

Yes. ruby's openssl library is just a thin wrapper around the openssl C
API.

If you look at [ruby]/ext/openssl/ossl_pkcs7.c you'll see that this
method just gets some arguments and then calls [openssl] PKCS7_sign()

On my system, typing 'man PKCS7_sign' says:

BUGS
       ....

       The SHA1 digest algorithm is currently always used.

So the question is really not a Ruby one, but an openssl one. If you can
find a way to generate the signature you want, using either the C API or
the openssl command line tool, it can probably be converted to Ruby
easily. But first you need to solve the openssl library problem, and I'd
suggest that's best done by asking the question on an openssl mailing
list.

Sorry I can't be more helpful than that...

Regards,

Brian.
Bc0cec6d1c66027984b63fd8d6567bfc?d=identicon&s=25 Yves Vogl (Guest)
on 2009-01-26 11:25
(Received via mailing list)
Hi,

On 25.01.2009, at 20:12, Sandor Szücs wrote:

> I think what you want is:
> p7 = OpenSSL::PKCS7::PKCS7.new(signed)
>
> The variable signed is the signature in your example and is of type
> OpenSSL::PKCS7.

But isn't this redundant then?


      signed = OpenSSL::PKCS7::sign(crt, key, data, [],
OpenSSL::PKCS7::DETACHED)


At this point I have a complete p7s file already (see signed.inspect)


When adding certificate and data again, I'm signing a signature…

      p7 = OpenSSL::PKCS7::PKCS7.new(signed)
      p7.add_certificate(crt)
      p7.add_data(data)

At least my signature is as big as the input file then… no matter if I
say "DETACHED" or "BINARY" in the example above.


>
> Try OpenSSL::Digest::SHA512.new, Digest is not the same as
> Openssl::Digest.
> irb> Digest.class
> => Module
> irb> OpenSSL::Digest.class
> => Class


 >> Digest.class
NameError: uninitialized constant Digest
  from (irb):11
 >> OpenSSL::Digest.class
=> Module


irb 0.9.5(05/04/13)
ruby 1.8.6 (2008-03-03 patchlevel 114) [universal-darwin9.0]
Mac OS X 10.5.6, Darwin Kernel Version 9.6.0: Mon Nov 24 17:37:00 PST
2008; root:xnu-1228.9.59~1/RELEASE_I386


Cheers, Yves
B1ad30497d30c983b8a9f4c6cf6fd509?d=identicon&s=25 ben ******* (babiben)
on 2009-08-13 16:25
is it possible, instead of "DETACHED" in 'signed =
OpenSSL::PKCS7::sign(crt, key, data, [],OpenSSL::PKCS7::DETACHED)" to
replace by "EMBEDDED" ?

If i want create an embedded signature, how can i do it ?
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.